Obtain a digital certificate to create a digital signature

This article describes how to obtain a digital certificate to create a digital signature, and why you have to have a digital signature (or digital ID) to digitally sign your documents. To work with digital signatures in a Microsoft Word 2010 document, Excel 2010 spreadsheet, or PowerPoint 2010 presentation, click the following link:

In this article

Get a digital signature from a certificate authority or a Microsoft partner

If you plan to exchange digitally-signed documents together with other people, and you want the recipients of your documents to be able to verify the authenticity of your digital signature, you can obtain a digital certificate from a reputable third-party certificate authority (CA)

Create a digital certificate to digitally sign a document immediately

If you do not want to purchase a digital certificate from a third-party certificate authority (CA), or if you want to digitally sign your document immediately, you can create your own digital certificate.

On the Create Digital Certificate dialog box, type a name for your certificate,

Click OK.

If you digitally sign a document by using a digital certificate that you created, and then you share the digitally-signed file, other people cannot verify the authenticity of your digital signature without manually deciding to trust your self-signed certificate.

The following image is an example of the Create Digital Certificate dialog.

Note To learn more about digital IDs in Microsoft Outlook 2010, see Get a digital ID

What is a digital signature?

A digital signature is an electronic, encrypted, stamp of authentication on digital information such as e-mail messages, macros, or electronic documents. A signature confirms that the information originated from the signer and has not been altered.

The following image is an example of a signed signature line in an Office file.

Signing certificate and certificate authority

Signing certificate To create a digital signature, you have to have a signing certificate, which proves identity. When you send a digitally-signed macro or document, you also send your certificate and public key. Certificates are issued by a certification authority, and like a driver’s license, can be revoked. A certificate is usually valid for a year, after which, the signer must renew, or get a new, signing certificate to establish identity.

Certificate authority (CA) A certificate authority is an entity similar to a notary public. It issues digital certificates, signs certificates to verify their validity, then and tracks which certificates have been revoked or have expired.

Digital signature assurances

Authenticity The signer is confirmed as the signer.

Integrity The content has not been changed or tampered with since it was digitally signed.

Non-repudiation Proves to all parties the origin of the signed content. Repudiation refers to the act of a signer denying any association with the signed content.

Notarization Signatures in Microsoft Word 2010, Excel 2010, or PowerPoint 2010 files, which are time stamped by a secure time-stamp server, under certain circumstances, have the validity of a notarization.

To make these assurances, the content creator must digitally sign the content by using a signature that satisfies the following criteria:

The digital signature is valid.

The certificate associated with the digital signature is current (not expired).

The signing person or organization, known as the publisher, is trusted.

Signed documents, which have a valid time stamp, are considered to have valid signatures, regardless of the age, or revocation status, of the signing certificate.

The certificate associated with the digital signature is issued to the signing publisher by a reputable certificate authority (CA).